Hello
*I'm running FreeRadius with the standard Ubuntu Breezy package that
reads as freeradius 1.0.4-2. Its been the connection to the LDAP backend
for authentication on an old Cisco 3640 with IOS 12.2(23) for quite a
while.
I'm trying to setup a new 2811 router with IOS 12.4(11)T1 and am
John Baker wrote:
The setup works fine if I use a password like testing123 on both ends.
But when I use radius-server key 7 to encrypt it breaks.
As in... what happens?
The current
setup does use this so I know it works. But in all the documentation
I've been weeding** through** on
Hello
I'm certain was using the right command. The number 7 in the line tells
the router that a hidden key will follow.
coltrane(config)#radius-server key ?
0 Specifies an UNENCRYPTED key will follow
7 Specifies HIDDEN key will follow
LINE The UNENCRYPTED (cleartext) shared key
It sounds like your trying to encrypt the shared secret in the router
config. Or, your trying to copy the encrypted shared secret and paste
it. (The 7 is what tipped me off)
First, you need to verify that you have the password-encryption is
enabled in the IOS. This is the magic that makes
One further comment.
The shared secret in FreeRADIUS CANNOT be the really long number in
the IOS config file. This is an encrypted hash of the REAL secret.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Michael
Please add any info you feel is relevant to:
http://wiki.freeradius.org/Cisco
Cheers
Peter
On Mon 09 Apr 2007, King, Michael wrote:
It sounds like your trying to encrypt the shared secret in the router
config. Or, your trying to copy the encrypted shared secret and paste
it.
Okay, this is the piece I was trying to figure out. :)
Like I said in a follow up I found that copying the key out of the old
cisco config and the old one in the users.conf worked. Initially I made
an error on this cisco end when copying that made it fail.
So the piece of confusion is how you
-Original Message-
So the piece of confusion is how you get that encrypted hash
in there in the first place when configuring a new key.
Service password-encryption
http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_command_
8 matches
Mail list logo
